Interesting Attempt - But a Failed One

May 11th 2011|Written by Suzanna Soyinka|

As some people may be aware on May 8th around 11pm SL Time, I found myself locked out of the database. After getting in via one of the many back doors I have back into my own system, it appeared that four major French/European Sim Owner/Admin figures had gone on some kind of rampage, removing the passwords of multiple GM's/Global GMs and CCS Admins.

The four admins that appeared to be doing this were Ice Nyoki, Klein Bury, Abaddon Ryba and Demonia Arliss.

As it turns out none of these individuals were involved at all, while the audit log from the system recorded their names as taking the actions, we pulled the server connection log for the 8th and lo and behold one single IP was using all four accounts. And the IP belongs to none of the listed GM's.

We are unsure of the motive behind this breach of security, other than to potentially attempt to cause CCS administration to over react and severely punish a major part of the French/European CCS Community based on just the top level evidence of the audit trail alone. We are also unsure of the motives specifically behind the use of the four names in question but we do know who did this as they were a bit sloppy about it.

The following GM's need to either change their passwords or create stronger passwords as this all started with a brute force attempt on a single GM's password and all these accounts were accessed by the person we have identified to Interpol as the alleged hacker. There is no way they actually "got" your passwords, all passwords are stored in a 256 bit hash and not even I can read them once you set them, but obviously some people were using some fairly weak passwords as this individual did get into the system using one access they brute forced then used that to change the passwords for several other individuals to access their accounts as well.

As stated we do have a very solid idea of who the person that did this was, it was a single individual and they are not a GM for any sim in CCS. I can simply assume that their intent was to attempt to get CCS Administration to cut off a major part of the French/European community in reprisal, and for some reason did not think we could see past the names in the audit trail on the database, which is not the case.

A complaint has been filed with the Interpol Cyber Crime Division, we rather doubt it will get much done but we have given the legal authority that has jurisdiction over the area the hacker is in all the information in regards to the illegal access of our servers, I hope it gets followed up on but I won't hold my breath either.

Anyways, Anonymous you are not. For the love of god at least use a proxy next time, we're not idiots you know.

Sorry for any inconvenience caused by this attempt. Again I will stress, no personal or confidential data has been compromised, it was simply a case of someone with a weak password and someone else brute force accessing their account. So stiffen up your passwords folks, if you need to read up on it please feel free to read this Guide on How to Create Strong Passwords.